WO2002078268A1 - Method of communication through a firewall - Google Patents

Method of communication through a firewall Download PDF

Info

Publication number
WO2002078268A1
WO2002078268A1 PCT/SE2002/000557 SE0200557W WO02078268A1 WO 2002078268 A1 WO2002078268 A1 WO 2002078268A1 SE 0200557 W SE0200557 W SE 0200557W WO 02078268 A1 WO02078268 A1 WO 02078268A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer unit
computer
communication
unit
accordance
Prior art date
Application number
PCT/SE2002/000557
Other languages
French (fr)
Inventor
Lars Resenius
Lars LAVÉN
Original Assignee
Columbitech Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Columbitech Ab filed Critical Columbitech Ab
Publication of WO2002078268A1 publication Critical patent/WO2002078268A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/029Firewall traversal, e.g. tunnelling or, creating pinholes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/08Protocols for interworking; Protocol conversion

Definitions

  • ports are used to communicate with the Internet user. These ports are designated for the use of a given communications protocol. The ports are numbered, wherewith port 80 is normally used for HTTP, port 25 is normally used for SMTP and port 143 is normally used for IMAP, for example.
  • Security is normally achieved, for instance with respect to a company, by establishing a firewall between the company server and the surrounding world.
  • communication takes place between a user, with a first computer unit, and the server, which may be a second computer unit, often via a third computer unit consisting of an intermediate computer unit on the Internet, wherewith communication between the second and the third computer units, i.e. between the company server and the intermediate computer unit, often takes place through a firewall.
  • the company often needs to communicate via a number of different protocols with different users, where each protocol has its own port, a plurality of openings are necessary in the firewall, one for each port.
  • JP-A-10135982 describes how two different IP addresses can share a common MAC address.
  • Another technical problem resides in enabling communication to be effected with a plurality of different users that use a number of different protocols with only one single opening in the firewall.
  • Another technical problem resides in allowing a plurality of different second computer units to communicate mutually with a plurality of different first computer units in accordance with different protocols via a common third computer unit, where all second computer units require only one single opening through their respective firewalls.
  • the third computer unit forwards the communication from the plurality of different first computer units to the second computer unit via said single port and in accordance with the specific protocol.
  • respective second computer unit is allocated one or more addresses or ports at the third computer unit for receiving communication from their respective one or more first computer units, and that when contacted from a first computer unit the third computer unit identifies correct second computer unit for the contacting first computer unit, through the medium of the address or port used by the first computer unit in making said contact.
  • the specific protocol is the TCP protocol.
  • the third computer unit is able to translate between the specific protocol and a plurality of other protocols, such as UDP and WAP.
  • the present invention can be applied with particular advantage when the network concerned is the global network Internet.
  • the present invention also relates to two computer program products, wherein a first computer program product includes a computer program code which, when executed by a computer unit, performs the functions of a third computer unit according to the inventive method, and wherein a second computer program product includes a computer program code which, when executed by a computer unit, performs the functions of a second computer unit in accordance with the inventive method.
  • the present invention also relates to a computer readable medium in which there is stored a computer program code according to the first or the second computer program product.
  • Those advantages primarily afforded by a method, computer program products, or a computer readable medium in accordance with the present invention reside in the ability to provide a third computer unit, or a Web server, which enables a second computer unit, or company-internal server, to communicate with a plurality of different first computer units, or users, in accordance with a plurality of different protocols, in the absence of any true opening through the used firewall.
  • Figure 1 is a highly simplified, schematic illustration of communication via a network in accordance with known technology
  • Figure 2 is a highly simplified schematic illustration of how a second computer unit communicates with a plurality of different first computer units in accordance with the present invention
  • Figure 3 is a highly simplified, schematic illustration of how a plurality of second computer units communicates with a plurality of different first computer units in accordance with the present invention.
  • Figure 2 is intended to show that it is possible, in accordance with the present invention, to allow all communication between the second computer unit 2 and the third computer unit 3 to take place via a single port 4 in accordance with a specific protocol A s , and that the third computer unit 3, in the communication with the first computer unit 1 1 , translates between the protocol A 1 according to which the first computer unit 1 communicates with the third computer unit 3 and the specific protocol A s according to which the third computer unit 3 communicates with the second computer unit 2.
  • Figure 2 also shows that a plurality of different first computer units 1 1 , 12, 13, 14 can communicate with the second computer unit 2 via the third computer unit 3, wherewith these several first computer units 1 1 , 12, 13, 14 communicate in accordance with one and the same or in accordance with mutually different and mutually independent protocols A-i, A 2 , A3, A_ ⁇ .
  • the third computer unit 3 forwards the communication with the plurality of different first computer units 1 1 , 12, 13, 14 to the second computer unit via said single port 4 in accordance with the specific protocol A s .
  • Figure 3 illustrates an embodiment in which a plurality of second computer units
  • respective second computer unit 2a, 2b, 2c communicates with their respective one or more first computer units 11 a, 12a, 13a, 1 1 b, 12b, 13b, 11 c, 12c, 13c via the third computer unit 3.
  • respective second computer unit 2a, 2b, 2c is allocated one or more addresses or ports 31a, 31 b, 31c, 32a, 32b, 32c, 33a, 33b, 33c at the third computer unit 3 for receiving communication from one or more first computer units 1 1 a, 12a, 13a, 1 1 b, 12b, 13b, 1 1c, 12c, 13c.
  • this When contacted by a first computer unit 12b, this enables the third computer unit 3 to identify the correct second computer unit 2b for the contacting first computer unit 12b, through the medium of the address or the port 32b used by the first computer unit 12b in establishing said contact.
  • the specific protocol A s is the IPSEC TCP protocol. It is also possible to use some other protocol, such as ordinary TCP.
  • the third computer unit 3 can translate between the specific protocol A s and a plurality of other protocols, such as UDP and WAP.
  • the present invention is also suitable for communication within the global network Internet, since the Internet includes many different communication protocols.
  • the present invention also relates to a second computer program product 52, that includes a computer program code which, when executed by a computer unit, performs the functions of a second computer unit 2 in accordance with the inventive method.
  • the present invention also relates to a computer readable medium 6 on which there is stored a computer program code according to one of the first or the second computer program product. It will be understood that the invention is not restricted to the aforedescribed and illustrated exemplifying embodiments thereof, and that modifications can be made within the scope of the inventive concept as illustrated in the accompanying Claims.

Abstract

The present invention relates to a method, computer program products and a computer readable medium for communication between a first computer unit (11) and a second computer unit (2) via a network (A), wherein said communication takes place via a third computer unit (3). A firewall (21) is established between the second computer unit (2) and the third computer unit (3), and all communication between these computer units (2, 3) takes place through the firewall (21) via a single port (41) in accordance with a specific protocol. In the communication with the first computer unit (11), the third computer unit (3) translates between the protocol according to which the first computer unit(11) communicates with the third computer (3) and said specific protocol.

Description

METHOD OF COMMUNICATION THROUGH A FIREWALL
Field of invention
The present invention relates to a method, to computer program products, and to a computer readable medium for achieving communication between a first computer unit and a second computer unit via a network, said communication taking place via a third computer unit. A firewall is established between the second computer unit and the third computer unit, and all communication between the second computer unit and the third computer unit takes place through the firewall.
Description of the background art
It has long been known that when a server is connected to the Internet, several different server ports are used to communicate with the Internet user. These ports are designated for the use of a given communications protocol. The ports are numbered, wherewith port 80 is normally used for HTTP, port 25 is normally used for SMTP and port 143 is normally used for IMAP, for example.
Security is normally achieved, for instance with respect to a company, by establishing a firewall between the company server and the surrounding world. Thus, communication takes place between a user, with a first computer unit, and the server, which may be a second computer unit, often via a third computer unit consisting of an intermediate computer unit on the Internet, wherewith communication between the second and the third computer units, i.e. between the company server and the intermediate computer unit, often takes place through a firewall. Because the company often needs to communicate via a number of different protocols with different users, where each protocol has its own port, a plurality of openings are necessary in the firewall, one for each port.
Each opening in the firewall constitutes a security risk, and it is therefore desirable to minimise the number of openings in the firewall. The following publications can be considered to describe part of the earlier standpoint of techniques in this particular technical field.
Mobile Logic, wireless strategies for the enterprise, accessible on URL http://www.wiretel.com/mlphone.asp. This document describes the possibility of allowing a plurality of WAP units to connect with a gateway server where they occur under a common IP address and where communication takes place via a common TCP port.
EP-A1-0 909 074 describes how a firewall is able to manage different security levels for different users, by applying different sets of availability rules. The firewall may also re-route certain sessions to another server for processing.
JP-A-10135982 describes how two different IP addresses can share a common MAC address.
Summary of the present invention Technical problems
When considering the present state of the art as described above with a starting point from the aforesaid technical field, it will be seen that a technical problem resides in minimising the number of openings in the firewall used.
Another technical problem resides in enabling communication to be effected with a plurality of different users that use a number of different protocols with only one single opening in the firewall.
Another technical problem resides in allowing a plurality of different second computer units to communicate mutually with a plurality of different first computer units in accordance with different protocols via a common third computer unit, where all second computer units require only one single opening through their respective firewalls.
Solution
With the intention of providing a solution to one or more of the aforesaid problems, the present invention takes as its starting point a method, computer program products, and a computer readable medium to achieve communication between a first computer unit and a second computer unit via a network, wherein said communication takes place via a third computer unit. A firewall is established between the second computer unit and the third computer unit, and all communication between the second computer unit and the third computer unit takes place through said firewall.
With the intention of minimising the number of openings in a firewall, it is proposed in accordance with the present invention that all communication between the second computer unit and the third computer unit takes place via a port in accordance with a specific protocol, and that the third computer unit, in the communication with the first computer unit, translates between the protocol according to which the first computer unit communicates with the third computer unit and the specific protocol according to which the third computer unit communicates with the second computer unit.
When a plurality of different first computer units communicate with the second computer unit via the third computer unit and when these first computer units communicate in accordance with one and the same or in accordance with mutually different and mutually independent protocols, the third computer unit forwards the communication from the plurality of different first computer units to the second computer unit via said single port and in accordance with the specific protocol.
It is also conceivable to allow a plurality of second computer units to communicate with their respective one or more first computer units, via the third computer unit. With the intention of allowing a plurality of different second computer units to communicate with their respective first computer units, it is proposed in accordance with the present invention that respective second computer unit is allocated one or more addresses or ports at the third computer unit for receiving communication from their respective one or more first computer units, and that when contacted from a first computer unit the third computer unit identifies correct second computer unit for the contacting first computer unit, through the medium of the address or port used by the first computer unit in making said contact.
According to the invention, there is nothing that prevents the encryption of communication used between the first and the second computer units. According to one preferred embodiment of the invention, the specific protocol is the TCP protocol.
Thus, the third computer unit is able to translate between the specific protocol and a plurality of other protocols, such as UDP and WAP.
The present invention can be applied with particular advantage when the network concerned is the global network Internet.
The present invention also relates to two computer program products, wherein a first computer program product includes a computer program code which, when executed by a computer unit, performs the functions of a third computer unit according to the inventive method, and wherein a second computer program product includes a computer program code which, when executed by a computer unit, performs the functions of a second computer unit in accordance with the inventive method.
The present invention also relates to a computer readable medium in which there is stored a computer program code according to the first or the second computer program product.
Advantages
Those advantages primarily afforded by a method, computer program products, or a computer readable medium in accordance with the present invention reside in the ability to provide a third computer unit, or a Web server, which enables a second computer unit, or company-internal server, to communicate with a plurality of different first computer units, or users, in accordance with a plurality of different protocols, in the absence of any true opening through the used firewall.
Brief description of the drawings
A method, computer program products and a computer readable medium having features significant of the present invention will now be described in more detail by way of example with reference to the accompanying drawings, in which Figure 1 is a highly simplified, schematic illustration of communication via a network in accordance with known technology; Figure 2 is a highly simplified schematic illustration of how a second computer unit communicates with a plurality of different first computer units in accordance with the present invention; and Figure 3 is a highly simplified, schematic illustration of how a plurality of second computer units communicates with a plurality of different first computer units in accordance with the present invention.
Description of embodiments at present preferred As before mentioned, Figure 1 illustrates known technology for communication between a first and a second computer unit 1 1 , 2 via a network A, where said communication takes place via a third computer unit 3. With the intention of establishing security for the second computer unit 2, a firewall 21 is established between the second computer unit 2 and the third computer unit 3, wherewith all communication between these computer units 2, 3 takes place through this firewall 21. This is general when, for instance, the second computer unit 2 is a company- internal server and when it is desired to protect against intrusion in the company server and the internal network.
The second computer unit has a plurality of connections to the third computer unit 3, since different first computer units 1 1 , 12, 13, 14 possibly communicate in accordance with mutually different protocols Ai, A2, A3, A4, meaning that they require access to the second computer unit via mutually different ports 41 , 42, 43, 44. This also means that there will be several openings through the firewall 21 of the second computer unit, one for each port 41 , 42, 43, 44.
Figure 2 is intended to show that it is possible, in accordance with the present invention, to allow all communication between the second computer unit 2 and the third computer unit 3 to take place via a single port 4 in accordance with a specific protocol As, and that the third computer unit 3, in the communication with the first computer unit 1 1 , translates between the protocol A1 according to which the first computer unit 1 communicates with the third computer unit 3 and the specific protocol As according to which the third computer unit 3 communicates with the second computer unit 2.
Figure 2 also shows that a plurality of different first computer units 1 1 , 12, 13, 14 can communicate with the second computer unit 2 via the third computer unit 3, wherewith these several first computer units 1 1 , 12, 13, 14 communicate in accordance with one and the same or in accordance with mutually different and mutually independent protocols A-i, A2, A3, A_ι.
In this case, the third computer unit 3 forwards the communication with the plurality of different first computer units 1 1 , 12, 13, 14 to the second computer unit via said single port 4 in accordance with the specific protocol As. Figure 3 illustrates an embodiment in which a plurality of second computer units
2a, 2b, 2c communicate with their respective one or more first computer units 11 a, 12a, 13a, 1 1 b, 12b, 13b, 11 c, 12c, 13c via the third computer unit 3. According to a preferred embodiment, respective second computer unit 2a, 2b, 2c is allocated one or more addresses or ports 31a, 31 b, 31c, 32a, 32b, 32c, 33a, 33b, 33c at the third computer unit 3 for receiving communication from one or more first computer units 1 1 a, 12a, 13a, 1 1 b, 12b, 13b, 1 1c, 12c, 13c. When contacted by a first computer unit 12b, this enables the third computer unit 3 to identify the correct second computer unit 2b for the contacting first computer unit 12b, through the medium of the address or the port 32b used by the first computer unit 12b in establishing said contact.
According to the present invention, there is nothing to prevent encryption of the communication between a second computer unit 2 and one or more of said first computer units 11 , 12, 13.
According to a preferred embodiment of the present invention, the specific protocol As is the IPSEC TCP protocol. It is also possible to use some other protocol, such as ordinary TCP. The third computer unit 3 can translate between the specific protocol As and a plurality of other protocols, such as UDP and WAP.
The present invention is also suitable for communication within the global network Internet, since the Internet includes many different communication protocols.
Figure 2 also shows very schematically that the present invention also relates to a first computer program product 51 which includes a computer program code which, when executed by a computer unit, performs the functions of a third computer unit 3 in accordance with the inventive method.
The present invention also relates to a second computer program product 52, that includes a computer program code which, when executed by a computer unit, performs the functions of a second computer unit 2 in accordance with the inventive method.
The present invention also relates to a computer readable medium 6 on which there is stored a computer program code according to one of the first or the second computer program product. It will be understood that the invention is not restricted to the aforedescribed and illustrated exemplifying embodiments thereof, and that modifications can be made within the scope of the inventive concept as illustrated in the accompanying Claims.

Claims

1. A method of communicating between a first computer unit and a second computer unit via a network, wherein said communication takes place via a third computer unit, wherein a firewall is established between said second computer unit and said third computer unit, and wherein all communication between said second computer unit and said third computer unit takes place through said firewall, characterised in that all communication between said second computer unit and said third computer unit takes place via a single port in accordance with a specific protocol; and in that said third computer unit, in the communication with said first computer unit, translates between the protocol according to which said first computer unit communicates with said third computer unit and said specific protocol according to which said third computer unit communicates with said second computer unit.
2. A method according to Claim 1 , characterised in that a plurality of different first computer units communicate with said second computer unit via said third computer unit; in that said plurality of first computer units communicate in accordance with one and the same or in accordance with mutually different and mutually independent protocols; and in that said third computer unit forwards the communication from a plurality of different first computer units to said second computer unit via said single port in accordance with said specific protocol.
3. A method according to Claim 1 or 2, characterised in that a plurality of second computer units communicate with their respective one or more first computer units, via said third computer unit.
4. A method according to Claim 3, characterised in that respective second computer unit is allocated one or more addresses or ports at said third computer unit for receiving communication from one or more first computer units; and in that upon contact from a first computer unit with said third computer unit said third computer unit identifies the correct second computer unit for the contacting first computer unit, through the medium of the address or port used by the first computer unit in making said contact.
5. A method according to any one of the preceding Claims, characterised in that said communication is encrypted.
6. A method according to any one of the preceding Claims, characterised in that said specific protocol is the TCP protocol.
7. A method according to any one of the preceding Claims, characterised in that said third computer unit translates between said specific protocol and a plurality of other protocols.
8. A method according to any one of the preceding Claims, characterised in that said network is the global network Internet.
9. A first computer program product, characterised in that said first computer program product includes a computer program code which, when executed by a computer unit, performs the functions of a third computer unit in accordance with any one of Claims 1 to 8.
10. A second computer program product, characterised in that said second computer program product includes a computer program code which, when executed by a computer unit, performs the functions of a second computer unit in accordance with any one of Claims 1 to 8.
11. A computer readable medium, characterised in that said computer readable medium has stored thereon a computer program code according to any one of
Claims 9 and 10.
PCT/SE2002/000557 2001-03-22 2002-03-21 Method of communication through a firewall WO2002078268A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE0101008A SE520393C2 (en) 2001-03-22 2001-03-22 Method of communication through firewall
SE0101008-1 2001-03-22

Publications (1)

Publication Number Publication Date
WO2002078268A1 true WO2002078268A1 (en) 2002-10-03

Family

ID=20283480

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2002/000557 WO2002078268A1 (en) 2001-03-22 2002-03-21 Method of communication through a firewall

Country Status (2)

Country Link
SE (1) SE520393C2 (en)
WO (1) WO2002078268A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007136489A2 (en) * 2006-05-15 2007-11-29 The Boeing Company Protocol conversion in a network firewall
GB2444382A (en) * 2006-11-27 2008-06-04 Skype Ltd Transmitting data across a restrictive gateway
US8711841B2 (en) 2006-11-27 2014-04-29 Skype Communication system
US8798036B2 (en) 2006-11-20 2014-08-05 Skype Communication system and method

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0909074A1 (en) * 1997-09-12 1999-04-14 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with multiple domain support

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0909074A1 (en) * 1997-09-12 1999-04-14 Lucent Technologies Inc. Methods and apparatus for a computer network firewall with multiple domain support

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"Mobilelogic introduces mobilelogic phone2", VAULTUS, 5 June 2000 (2000-06-05), Retrieved from the Internet <URL:http://www.vaultus.com/press/release/r000605.html> [retrieved on 20011128] *
"Secure WAP access to corporate data with columbitech mobile relay server (TM)", COLUMBITECH, 2000 *
KOPEIKIN ROY ET AL.: "Wireless GPRS access to virtual private networks for carriers ans ESPs", pages 1 - 10, XP002954936 *

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007136489A2 (en) * 2006-05-15 2007-11-29 The Boeing Company Protocol conversion in a network firewall
WO2007136489A3 (en) * 2006-05-15 2008-02-21 Boeing Co Protocol conversion in a network firewall
US7873071B2 (en) 2006-05-15 2011-01-18 The Boeing Company Multiple level security adapter
US8798036B2 (en) 2006-11-20 2014-08-05 Skype Communication system and method
US8170563B2 (en) 2006-11-27 2012-05-01 Skype Limited Systems and methods for transmission of data in a communication system
US8014511B2 (en) 2006-11-27 2011-09-06 Skype Limited Communication system
GB2444382B (en) * 2006-11-27 2011-08-03 Skype Ltd Communication system
US8175091B2 (en) 2006-11-27 2012-05-08 Skype Limited Communication system
US8238539B2 (en) 2006-11-27 2012-08-07 Skype Communication system
US8320546B2 (en) 2006-11-27 2012-11-27 Skype Communicaton system
US8346264B2 (en) 2006-11-27 2013-01-01 Skype Transmission of data in a communication system
US8457144B2 (en) 2006-11-27 2013-06-04 Skype Communication system
US8634535B2 (en) 2006-11-27 2014-01-21 Skype Communication system
US8711841B2 (en) 2006-11-27 2014-04-29 Skype Communication system
GB2444382A (en) * 2006-11-27 2008-06-04 Skype Ltd Transmitting data across a restrictive gateway

Also Published As

Publication number Publication date
SE0101008L (en) 2002-09-23
SE0101008D0 (en) 2001-03-22
SE520393C2 (en) 2003-07-01

Similar Documents

Publication Publication Date Title
EP1370040B1 (en) A method, a network access server, an authentication-authorization-and-accounting server, and a computer software product for proxying user authentication-authorization-and-accounting messages via a network access server
US8726008B2 (en) Network security smart load balancing
EP1259886B1 (en) Network address translation gateway for local area networks using local ip addresses and non-translatable port addresses
EP1886455B1 (en) System and method for accessing a web server on a device with a dynamic ip-address residing a firewall
US20100115113A1 (en) Systems and methods for providing dynamic network authorization, authentication and accounting
RU2280333C2 (en) Safety in networks of undefined localization level
JP2003500711A (en) Proxy system and method for performing secure session sequence
US20080130900A1 (en) Method and apparatus for providing secure communication
EP1527573B1 (en) System and method for communicating in a load balancing environment
JP2003050756A (en) Reverse proxy network communication system and method of accessing internal network device
RU2214623C2 (en) Computer network with internet screen and internet screen
US6757734B1 (en) Method of communication
JP3587633B2 (en) Network communication method and apparatus
US8146144B2 (en) Method and system for the transparent transmission of data traffic between data processing devices, corresponding computer program product, and corresponding computer-readable storage medium
US7908481B1 (en) Routing data to one or more entities in a network
WO2002078268A1 (en) Method of communication through a firewall
CN109547470B (en) Electronic isolation wall method, device and system for protecting network space security
US20230049547A1 (en) Private network access
US7715326B2 (en) Webserver alternative for increased security
WO2002078267A1 (en) A method of communication between a first computer device and a second computer device; via a third device
Cisco Protocol Translation Session Commands
JP4587868B2 (en) Router and router program
Anderson Universal Session Protocol: A Novel Approach to Session Management
GB2330991A (en) Routing data packets
JP2002236627A (en) Method for changing dynamic port of firewall

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ CZ DE DE DK DK DM DZ EC EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SK SL TJ TM TN TR TT TZ UA UG US UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC DATED02-02-2004

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP